Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
p4pAP10Um0.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\p4pAP10Um0.exe.log
|
CSV text
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\p4pAP10Um0.exe
|
"C:\Users\user\Desktop\p4pAP10Um0.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
94.131.11.107:27667
|
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
https://api.ip.s
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
https://discord.com/api/v9/users/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 19 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
27B9000
|
trusted library allocation
|
page read and write
|
||
|
A3E000
|
stack
|
page read and write
|
||
|
1AF3D000
|
heap
|
page read and write
|
||
|
B15000
|
heap
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
75E000
|
heap
|
page read and write
|
||
|
7FFD9B6D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
286A000
|
trusted library allocation
|
page read and write
|
||
|
1C9FE000
|
stack
|
page read and write
|
||
|
C1E000
|
stack
|
page read and write
|
||
|
282E000
|
trusted library allocation
|
page read and write
|
||
|
1AF47000
|
heap
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page read and write
|
||
|
2800000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B786000
|
trusted library allocation
|
page read and write
|
||
|
2839000
|
trusted library allocation
|
page read and write
|
||
|
1AF50000
|
heap
|
page read and write
|
||
|
275D000
|
trusted library allocation
|
page read and write
|
||
|
773000
|
heap
|
page read and write
|
||
|
27BB000
|
trusted library allocation
|
page read and write
|
||
|
27BD000
|
trusted library allocation
|
page read and write
|
||
|
285B000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
C73000
|
heap
|
page read and write
|
||
|
1AF32000
|
heap
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2861000
|
trusted library allocation
|
page read and write
|
||
|
1AF78000
|
heap
|
page read and write
|
||
|
27F0000
|
trusted library allocation
|
page read and write
|
||
|
2850000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6E3000
|
trusted library allocation
|
page read and write
|
||
|
262E000
|
stack
|
page read and write
|
||
|
26D1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B72C000
|
trusted library allocation
|
page execute and read and write
|
||
|
27B5000
|
trusted library allocation
|
page read and write
|
||
|
27CF000
|
trusted library allocation
|
page read and write
|
||
|
1B300000
|
heap
|
page read and write
|
||
|
1B365000
|
heap
|
page read and write
|
||
|
12636000
|
trusted library allocation
|
page read and write
|
||
|
27C8000
|
trusted library allocation
|
page read and write
|
||
|
AB0000
|
trusted library allocation
|
page read and write
|
||
|
C90000
|
trusted library section
|
page readonly
|
||
|
27A2000
|
trusted library allocation
|
page read and write
|
||
|
1AF97000
|
heap
|
page read and write
|
||
|
28C0000
|
trusted library allocation
|
page read and write
|
||
|
1B1D0000
|
heap
|
page read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page execute and read and write
|
||
|
2852000
|
trusted library allocation
|
page read and write
|
||
|
1C400000
|
trusted library allocation
|
page read and write
|
||
|
27FD000
|
trusted library allocation
|
page read and write
|
||
|
827000
|
heap
|
page read and write
|
||
|
2815000
|
trusted library allocation
|
page read and write
|
||
|
73C000
|
heap
|
page read and write
|
||
|
7FFD9B6ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F1000
|
heap
|
page read and write
|
||
|
284A000
|
trusted library allocation
|
page read and write
|
||
|
2631000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
1B32B000
|
heap
|
page read and write
|
||
|
82B000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
1CCFE000
|
stack
|
page read and write
|
||
|
1CAFE000
|
stack
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
2826000
|
trusted library allocation
|
page read and write
|
||
|
285D000
|
trusted library allocation
|
page read and write
|
||
|
1B310000
|
heap
|
page read and write
|
||
|
286C000
|
trusted library allocation
|
page read and write
|
||
|
1AF00000
|
heap
|
page read and write
|
||
|
27E0000
|
trusted library allocation
|
page read and write
|
||
|
1AF6B000
|
heap
|
page read and write
|
||
|
27DD000
|
trusted library allocation
|
page read and write
|
||
|
1B0D0000
|
heap
|
page execute and read and write
|
||
|
1CBFE000
|
stack
|
page read and write
|
||
|
286E000
|
trusted library allocation
|
page read and write
|
||
|
2868000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6F4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
330000
|
unkown
|
page readonly
|
||
|
27CC000
|
trusted library allocation
|
page read and write
|
||
|
35E000
|
unkown
|
page readonly
|
||
|
7FFD9B6FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B33B000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
7FF45D2B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AF1A000
|
heap
|
page read and write
|
||
|
12633000
|
trusted library allocation
|
page read and write
|
||
|
12631000
|
trusted library allocation
|
page read and write
|
||
|
27CA000
|
trusted library allocation
|
page read and write
|
||
|
281D000
|
trusted library allocation
|
page read and write
|
||
|
330000
|
unkown
|
page readonly
|
||
|
770000
|
heap
|
page read and write
|
||
|
282C000
|
trusted library allocation
|
page read and write
|
||
|
332000
|
unkown
|
page readonly
|
||
|
1B2F5000
|
heap
|
page read and write
|
||
|
283D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
81D000
|
heap
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page read and write
|
||
|
1B2DD000
|
stack
|
page read and write
|
||
|
7FFD9B6D4000
|
trusted library allocation
|
page read and write
|
||
|
284E000
|
trusted library allocation
|
page read and write
|
||
|
12638000
|
trusted library allocation
|
page read and write
|
||
|
79F000
|
heap
|
page read and write
|
||
|
27D7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
1B343000
|
heap
|
page read and write
|
||
|
282A000
|
trusted library allocation
|
page read and write
|
||
|
2817000
|
trusted library allocation
|
page read and write
|
||
|
1AF1F000
|
heap
|
page read and write
|
||
|
27EE000
|
trusted library allocation
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
1B2F0000
|
heap
|
page read and write
|
||
|
2698000
|
trusted library allocation
|
page read and write
|
||
|
281B000
|
trusted library allocation
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
1AF2C000
|
heap
|
page read and write
|
||
|
7FFD9B7F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C800000
|
heap
|
page read and write
|
||
|
7FFD9B6F0000
|
trusted library allocation
|
page read and write
|
||
|
27C6000
|
trusted library allocation
|
page read and write
|
||
|
26D9000
|
trusted library allocation
|
page read and write
|
||
|
2743000
|
trusted library allocation
|
page read and write
|
||
|
7EC000
|
heap
|
page read and write
|
||
|
1ABBC000
|
stack
|
page read and write
|
||
|
1C422000
|
trusted library allocation
|
page read and write
|
||
|
27EA000
|
trusted library allocation
|
page read and write
|
||
|
D85000
|
heap
|
page read and write
|
||
|
1AF43000
|
heap
|
page read and write
|
||
|
AD0000
|
trusted library allocation
|
page read and write
|
||
|
2819000
|
trusted library allocation
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78C000
|
trusted library allocation
|
page execute and read and write
|
||
|
283B000
|
trusted library allocation
|
page read and write
|
||
|
79D000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
6F2000
|
stack
|
page read and write
|
||
|
27EC000
|
trusted library allocation
|
page read and write
|
||
|
736000
|
heap
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
807000
|
heap
|
page read and write
|
||
|
2828000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
284C000
|
trusted library allocation
|
page read and write
|
||
|
CA0000
|
heap
|
page execute and read and write
|
||
|
27B7000
|
trusted library allocation
|
page read and write
|
There are 140 hidden memdumps, click here to show them.